The Patent Claims (reproduced here with the lines numbered.)

1 1. (Currently amended) A method for auditing the security of a first [[an]] enterprise

2 including plural computers nodes, where the term enterprise is defined to be a collection of

3 computers, software, and networking that interconnects the computing environment of an 

4 organization of people who may be widely distributed geographically, comprising: 

5 collecting security information from the computers nodes of the first enterprise under 

6 audit; 

7 analyzing the security information and providing a first result of this analysis; and 

8 comparing this first result with a second result comprising security standards applicable 



9 to the enterprise under audit and one or more other enterprises that together form a relevant peer 

10 group, the second result comprising information derived from information previously obtained 

11 through application of the collecting and analyzing steps to one [[two]] or more other enterprises

12 that interconnect the computing environments of other different organizations of people who 

13 may also be widely distributed, these one or more other enterprises together forming a in the

14 relevant peer group of other different organizations of people, the result of this comparing step

15 indicating the relative security of the first enterprise under audit relative to that of the peer group 

16 of one or more other enterprises; 



17 where a peer group is defined to be a group of one or more enterprises assigned to the 

18 same business category as the first enterprise, enterprises involved in the same (or a similar) 

19 industry or business as the first enterprise, enterprises having computers configured similarly to 

20 the first enterprise's computers, or enterprises required to comply with the same security 

21 standards as the first enterprise, or a combination of these.
1 2-3. (Cancelled) 

1 4. (Original) The method of claim 1, further comprising the step of generating at least 

2 one report that presents the first and second results arranged in a way that facilitates their 

3 comparison. 

1 5. (Original) The method of claim 4 wherein the generating step includes presenting the 

2 first and second results each broken down into several results relating to several different areas 
3 of security, with a first and a second result presented for each different area of security and

4 arranged in a way that facilitates their comparison. 

1 6. (Original) The method of claim 5 wherein, in the generating step, the results relating 

2 to several different areas of security comprise results arising from analysis of personnel security 

3 information and physical security information, at least some of the information included in the 

4 first result having been gathered using interviews during the collecting step. 

1 7. (Original) The method of claim 5 wherein, in the generating step, the results relating 

2 to several different areas of security comprise results arising from analysis of password security 

3 information and file access permission security information. 

1 8. (Original) The method of claim 7 wherein, in the generating step, the results relating 

2 to several different areas of security further comprise results arising from analysis of personnel 

3 security information and physical security information, at least some of the information included 

4 in the first result having been gathered using interviews during the collecting step. 

1 9. (Currently amended) The method of claim 5 wherein, in the generating step, the 

2 several different areas of security comprise one or more results of analysis of computer node 

3 configuration security information and one or more results of analysis of security information 

4 gathered using interviews. 

1 10. (Currently amended) The method of claim 9 wherein, in the generating step, the one 

2 or more results of analysis of computer node configuration security information comprise results 

3 arising from analysis of password security information. 

1 11. (Currently amended) The method of claim 9 wherein, in the generating step, the one 

2 or more results of analysis of computer node configuration security information comprises 

3 results arising from analysis of file access permission security information. 

1 12. (Original) The method of claim 4, wherein the generating step generates at least two 

2 comparative reports in different formats for different requesting parties or uses, and in particular 

3 one for technical experts that includes technical language and details and another for non- 

4 technical-experts that substantially excludes technical language and details. 
1 13. (Currently amended) The method of claim 1, to which is added:

2 generating and executing commands to alter the security information of one or more 

3 computers nodes to improve system security in at least some cases when the analysis or 

4 comparison or both indicate security is in need of improvement. 

1 14. (Original) The method of claim 13, further comprising; 

2 generating at least one report that presents the first and second results arranged in a way 

3 that facilitates their comparison. 

1 15. (Original) The method of claim 13 wherein the generating commands step generates 

2 commands which force the deactivation or correction of one or more passwords when the 

3 analysis or comparison or both indicate that these one or more passwords are not sufficiently 

4 secure. 

1 16. (Original) The method of claim 13 wherein the generating commands step generates 

2 commands which force alteration of one or more configuration file or control file access 

3 permissions if the analysis or comparison or both indicate that the access permissions assigned to 

4 these one or more files do not provide adequate system security. 

1 17. (Currently amended) A system for auditing the security of a first [[an]] enterprise,

2 where the term enterprise is defined to be a collection of computers, software, and networking 

3 that interconnects the computing environment of an organization of people who may be widely 

4 distributed geographically, comprising: 

5 a plurality of computers nodes within the first enterprise under audit; 

6 collectors associated with the computers nodes and arranged to collect from the 

7 computers nodes information concerning the security of the first enterprise under audit; 

8 a security analyzer arranged to analyze the information concerning the security of the 

9 first enterprise under audit and to provide a first result of this analysis; 

10 a data base containing a second result comprising security standards applicable to the 

11 enterprise under audit and one or more other enterprises that together form a relevant peer group, 

12 the second result comprising information derived from information previously obtained through 

13 application of the collectors and security analyzer to one [[two]] or more other enterprises that 
14 interconnect the computing environments of other different organizations of people who may

15 also be widely distributed, these one or more other enterprises together forming a in the relevant

16 peer group of other different organizations of people; and

17 a comparison mechanism arranged to compare the first and second results to determine 

18 the relative security of the first enterprise under audit in comparison to that of the one or more

19 enterprises of other different organizations of people in the relevant peer group; 

20 where a peer group is defined to be a group of one or more enterprises assigned to the 

21 same business category as the first enterprise, enterprises involved in the same (or a similar) 

22 industry or business as the first enterprise, enterprises having computers configured similarly to 

23 the first enterprise's computers, or enterprises required to comply with the same security 

24 standards as the first enterprise, or a combination of these.

1 18. (Original) A system in accordance with claim 17 to which is added: 

2 a report generator that generates at least one report which presents the first and second 

3 results arranged each broken down into several results relating to several different areas of 

4 security, with a first and second result presented for each different area of security and arranged 

5 in a way that facilitates their comparison. 

1 19. (Currently amended) A system in accordance with claim 17 to which is added: 

2 change agents associated with the computers nodes and able to execute commands that 

3 alter computer node configuration information; and 

4 a command generator that provides commands to the change agents on selected 

5 computers nodes to alter computer node configuration information to improve system security in 

6 response to the analyzer or comparison mechanism or both determining security improvements 

7 are needed. 

1 20. (Original) A system in accordance with claim 19 wherein the command generator 

2 includes a mechanism that can generate commands which, when executed, cause one or more of 

3 the change agents to force the deactivation or correction of one or more secure passwords if the 

4 security analyzer or comparison mechanism or both determine that one or more passwords are 

5 not sufficiently secure. 


Atty. Dkt. No. 10013526-1 



1 21. (Previously Amended) A system in accordance with claim 19 wherein the command

2 generator includes a mechanism that can generate commands which, when executed, cause one 

3 or more of the change agents to force the alteration of the access permissions of one or more 

4 configuration files or control files if the security analyzer or comparison mechanism or both 

5 determine that the access permissions assigned to one or more such files do not provide 

6 sufficient security. 

1 22. (Currently amended) A system for auditing the security of a first [[an]] enterprise,

2 where the term enterprise is defined to be a collection of computers, software, and networking 

3 that interconnects the computing environment of an organization of people who may be widely 

4 distributed geographically, comprising: 

5 a plurality of computers nodes within the first [[an]] enterprise under audit; 

6 collector means associated with the computers nodes for collecting information from the 

7 computers nodes concerning the security of the first enterprise under audit; 

8 security analyzer means for analyzing the information concerning the security of the first 

9 enterprise under audit and for providing a first result of this analysis; 

10 data base means for storing and for presenting a second result comprising security

11 standards applicable to the enterprise under audit and one or more other enterprises that together

12 form a relevant peer group, the second result comprising information derived from information 

13 previously obtained through application of the collector means and security analyzer means to 

14 one [[two]] or more other enterprises that interconnect the computing environments of other 

15 different organizations of people who may also be widely distributed, these one or more other 

16 enterprises together forming a in the relevant peer group of other different organizations of

17 people; and

18 comparison means for comparing the first and second results to determine the relative 

19 security of the first enterprise under audit in comparison to that of the one or more enterprises of 

20 other different organizations of people in the relevant peer group; 

21 where a peer group is defined to be a group of one or more enterprises assigned to the 

22 same business category as the first enterprise, enterprises involved in the same (or a similar) 

23 industry or business as the first enterprise, enterprises having computers configured similarly to 
24 the first enterprise's computers, or enterprises required to comply with the same security

25 standards as the first enterprise, or a combination of these.

1 23. (Previously Amended) A system in accordance with claim 22 to which is added 

2 report generation means for generating at least one report which presents the first and 

3 second results each broken down into several results relating to several different areas of 

4 security, with a first and second result presented for each different area of security and arranged 

5 in a way that facilitates their comparison. 

1 24. (Currently amended) A system in accordance with claim 22 to which is added 

2 change agent means associated with the computers nodes for executing commands that 

3 alter computer node configuration information; and 

4 command generator means for providing commands to the change agent means on 

5 selected computers nodes as needed to alter system configuration information to improve system 

6 security in response to the security analyzer means or the comparison means or both determining 

7 that security improvements are needed. 